Topic: Site Vulnerability

Zylstra
Site Vulnerability
« on: July 11, 2006, 03:22:37 PM »
I just noticed it today, all the things that make my site vulnerable to everything.
People can upload PHP files to take over, people might just have the knowledge of whats located where in my site to take it over, and everything like that.

What can I do to protect my site?

(Just as I was downloading PSAK for my site, aka, Swiss Army Knife, because I left my PostNuke disabled, I realized all the problems that I could have with things like hackers, DoS attacks, and whatnot. )
any advice welcome.

Rob Pomeroy
Re: Site Vulnerability
« Reply #1 on: July 12, 2006, 03:55:57 AM »
HOW can people upload files to your site?  Are you saying they may be able to crack your FTP access?  Then change your password frequently and make it a strong one.
Only able to visit the forums sporadically, sorry.

Geek & Dummy - honest news, reviews and howtos

Zylstra
Re: Site Vulnerability
« Reply #2 on: July 12, 2006, 03:06:38 PM »
Quote
HOW can people upload files to your site?  Are you saying they may be able to crack your FTP access?  Then change your password frequently and make it a strong one.
No no no. I have upload forms. (Not yet available to public)
People don't know the upload directory, but what if they just went anonymous FTP and found it?
They could upload a PHP file that could potentially take over...

And there are many other ways.

How about this:
How would I force an upload form to deny a PHP file?

Rob Pomeroy
Re: Site Vulnerability
« Reply #3 on: July 14, 2006, 03:51:05 AM »
Quote
People don't know the upload directory, but what if they just went anonymous FTP and found it?
Disable anonymous FTP access, or point it at a directory that prevents them viewing any other directories.

Quote
They could upload a PHP file that could potentially take over...
Only if anonymous uploading is permitted AND such uploads can be accessed via the web server.

Please tell me you're not that silly?  That is pretty much the most insecure setup you could create for any web site.

Quote
How would I force an upload form to deny a PHP file?
Wrong question.  You NEVER trust anything uploaded by a user.  So you NEVER let a user upload to a folder that can then be accessed through the web server.  The reasons for that should be obvious...  If an outside user can force the web server to parse a file he uploaded, he can do pretty much anything he likes with your server.

Therefore, whatever form processes the upload should check the file first, and enforce requirements (such as determining the file name and final location).

NEVER EVER put your web server in a position where it can be FORCED to run a file (of ANY TYPE) uploaded by a user.

Have I said that enough times yet?  ;)
« Last Edit: July 14, 2006, 03:52:10 AM by robpomeroy »

Zylstra
Re: Site Vulnerability
« Reply #4 on: July 14, 2006, 03:47:53 PM »
Quote
Quote
People don't know the upload directory, but what if they just went anonymous FTP and found it?
Disable anonymous FTP access, or point it at a directory that prevents them viewing any other directories.
I believe it is already disabled. But just to be sure, I will check...
Quote
Quote
They could upload a PHP file that could potentially take over...
Only if anonymous uploading is permitted AND such uploads can be accessed via the web server.

Please tell me you're not that silly?  That is pretty much the most insecure setup you could create for any web site.

They could upload a PHP file through the form. (which is not available to the public) (In fact, it's protected and password restricted right now)
Quote
Quote
How would I force an upload form to deny a PHP file?
Wrong question.  You NEVER trust anything uploaded by a user.  So you NEVER let a user upload to a folder that can then be accessed through the web server.  The reasons for that should be obvious...  If an outside user can force the web server to parse a file he uploaded, he can do pretty much anything he likes with your server.

Therefore, whatever form processes the upload should check the file first, and enforce requirements (such as determining the file name and final location).

NEVER EVER put your web server in a position where it can be FORCED to run a file (of ANY TYPE) uploaded by a user.

Have I said that enough times yet?  ;)
The form is what would allow any file to be uploaded. Not FTP.
Re-write: "How would I make a form only allow images to be uploaded"
(as the form is for images. And I would like images to be uploaded there. )

Rob Pomeroy
Re: Site Vulnerability
« Reply #5 on: July 17, 2006, 09:31:33 AM »
  • Do not store the incoming file in a folder that is within your webroot
  • You will need to rename the file, or at least check the filename, to prevent any existing files from being overwritten
  • Check that the file has an acceptable extension - .jpg, .gif, etc.
  • Use a PHP script to enable the image to be downloaded, but never run
  • Consider using the PHP image functions to test whether the file is an image (by checking its size, for example)
  • Consider emailing to you a copy of all uploaded files
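Added example, not code from the thread or from either poster. It puts Rob's Reply #3 ("check the file first, enforce the file name and final location") and the Reply #5 checklist into one PHP script. Everything specific is assumed: the storage directory /var/www/uploads sits outside the document root, the form field is named "image", the size cap is 2 MiB, and the same script handles a POST (store) and a GET with ?id= (serve).

```php
<?php
// Added example, not code from the thread. Assumed paths and names:
// UPLOAD_DIR lives outside the document root, the form field is "image",
// and this single script handles POST (upload) and GET ?id= (serve).
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/uploads';   // assumed: NOT under the webroot
const MAX_BYTES  = 2 * 1024 * 1024;      // assumed 2 MiB cap

// MIME type as sniffed from the bytes => extension WE assign on disk.
const ALLOWED = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

/**
 * Validate one entry of $_FILES and move it into UPLOAD_DIR under a random
 * name. Returns the generated id; throws RuntimeException on any failure.
 */
function store_image(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload error ' . (string) $file['error']);
    }
    // Only accept a temp file PHP itself created for this request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not a PHP-managed upload');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // The client-supplied name is checked for an acceptable extension...
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ['jpg', 'jpeg', 'png', 'gif'], true)) {
        throw new RuntimeException('disallowed extension');
    }
    // ...but never trusted: sniff the real type from the content.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException('content is not an allowed image type');
    }
    // Parse the image header; a PHP script renamed to .jpg fails here.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || $info[0] < 1 || $info[1] < 1) {
        throw new RuntimeException('not a decodable image');
    }
    // Our own filename: no overwrite of existing files, no path pieces,
    // no double extensions, and the extension matches the sniffed type.
    $id   = bin2hex(random_bytes(16));
    $dest = UPLOAD_DIR . '/' . $id . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640);  // readable by the web server user, never executable
    // Optional, per the checklist: mail() yourself a note carrying $id here.
    return $id;
}

/**
 * Stream a stored image to the client. PHP reads the bytes and sends them
 * as data; nothing in UPLOAD_DIR is ever handed to the PHP interpreter.
 */
function serve_image(string $id): void
{
    // Ids are hex we generated; anything else (e.g. "../") is rejected.
    if (!preg_match('/^[0-9a-f]{32}$/', $id)) {
        http_response_code(404);
        return;
    }
    foreach (ALLOWED as $mime => $ext) {
        $path = UPLOAD_DIR . '/' . $id . '.' . $ext;
        if (is_file($path)) {
            header('Content-Type: ' . $mime);
            header('Content-Length: ' . (string) filesize($path));
            header('X-Content-Type-Options: nosniff');
            header('Content-Disposition: inline; filename="' . $id . '.' . $ext . '"');
            readfile($path);
            return;
        }
    }
    http_response_code(404);
}

// Dispatch: POST with field "image" stores, GET with ?id= serves.
if (PHP_SAPI !== 'cli') {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['image'])) {
        try {
            $id = store_image($_FILES['image']);
            echo 'Stored as ' . htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
        } catch (RuntimeException $e) {
            http_response_code(400);
            echo 'Rejected: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        }
    } elseif (isset($_GET['id'])) {
        serve_image((string) $_GET['id']);
    }
}
```

The extension check alone is the weak point Zylstra was asking about: a file called shell.php.jpg or one with a PHP payload inside a valid GIF passes it. That is why the script also sniffs the content, parses it with getimagesize(), discards the client's name entirely, and stores the result where the web server cannot reach it. The browser only ever sees bytes streamed by serve_image(), so even a file that still contains PHP code is delivered as image data, never executed.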

Zylstra
Re: Site Vulnerability
« Reply #6 on: July 17, 2006, 03:29:00 PM »
Quote
  • Do not store the incoming file in a folder that is within your webroot
  • You will need to rename the file, or at least check the filename, to prevent any existing files from being overwritten
  • Check that the file has an acceptable extension - .jpg, .gif, etc.
  • Use a PHP script to enable the image to be downloaded, but never run
  • Consider using the PHP image functions to test whether the file is an image (by checking its size, for example)
  • Consider emailing to you a copy of all uploaded files
Well, in that case, I think I am mostly fine.
I can rename the files as they come in. I am sent an email with a link to the file, and the files are automatically renamed.
I will start another thread about acceptable file extensions.
So, for now, I think I am all good!

Flame
Re: Site Vulnerability
« Reply #7 on: July 19, 2006, 05:34:15 PM »
If you keep the account safe, leave the rest to Scott  ;)

Flame

Zylstra
Re: Site Vulnerability
« Reply #8 on: July 19, 2006, 05:39:04 PM »
Quote
If you keep the account safe, leave the rest to Scott  ;)

Flame
Scott?
BTW: Flame,
I have been sending emails to [email protected] , and have received no replies.